Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two).

Rationale

Remove default applications and disable Telnet.

Both techniques are crucial for hardening container images before deployment in production. Removing default applications reduces the attack surface by eliminating unnecessary software that could be exploited, while disabling Telnet enhances security by preventing unencrypted remote access, thereby safeguarding sensitive data and system integrity.

A (Remove default applications.) CORRECT

This choice is essential because default applications often come with vulnerabilities that can be exploited by attackers. By removing these applications, you minimize the number of potential entry points for security breaches, thereby enhancing the overall security posture of the container image.

B (Install a NIPS.) YOUR ANSWER

While installing a Network Intrusion Prevention System (NIPS) can enhance security, it is not a specific action applied directly to the container image itself before deployment. Instead, a NIPS functions as an external security measure to monitor and protect the network, rather than addressing vulnerabilities within the image.

C (Disable Telnet.) CORRECT

Disabling Telnet is a critical hardening step since Telnet transmits data in plaintext, making it susceptible to interception. By disabling this service, you protect the container from unauthorized access and ensure secure communications, especially in production environments.

D (Reconfigure the DNS.) YOUR ANSWER

Reconfiguring the DNS is generally related to network configuration rather than directly impacting the security of a container image. While proper DNS settings are important, this action does not specifically harden the image itself.

E (Add an SFTP server.) YOUR ANSWER

Adding an SFTP server is not a hardening technique; instead, it introduces additional services that could potentially increase the attack surface. For hardening, the focus should be on minimizing services rather than adding new ones.

F (Delete the public certificate.) YOUR ANSWER

Deleting a public certificate is not advisable as it can disrupt secure communications. Instead, ensuring that valid security certificates are in place is vital for maintaining secure connections in production environments.

Conclusion

To effectively harden a container image before deployment, it is crucial to remove default applications and disable Telnet. These actions directly reduce vulnerabilities and enhance security within the container itself. Other options either pertain to external security measures or introduce unnecessary complexity that could jeopardize the image's security. Prioritizing these hardening techniques is essential for maintaining a secure production environment.

Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two).

Remove default applications and disable Telnet.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test